E2E Issuer Managed Key
E2E with Issuer Managed Key
- Typescript
- Python
- Java
- PHP
- Golang
import {
Bloock,
KeyClient,
IdentityClient,
KeyProtectionLevel,
KeyType,
ManagedKeyParams,
DidMethod,
Key,
PublishIntervalParams,
} from '@bloock/sdk';
try {
Bloock.setApiKey(process.env['API_KEY'] || '');
Bloock.setIdentityApiHost(process.env['IDENTITY_MANAGED_API_HOST'] || '');
const keyClient = new KeyClient();
const identityClient = new IdentityClient();
const keyProtection = KeyProtectionLevel.SOFTWARE;
const keyType = KeyType.Bjj;
const managedKey = await keyClient.newManagedKey(
new ManagedKeyParams(keyProtection, keyType)
);
const issuerKey = new Key(managedKey); // we just passed the Baby JubJub key created before. REQUIRED.
const issuerInterval = PublishIntervalParams.Interval60; // check Issuer intervals documentation to define the best for you model. REQUIRED.
const methodDID = DidMethod.PolygonID; // check DID methods documentation. By default we recommend the PolygonID. REQUIRED.
const name = 'BLOOCK Issuer'; // Issuer name. OPTIONAL.
const description = 'this is the BLOOCK Issuer'; // Issuer desccription. OPTIONAL.
const encodedBase64UrlImage = ''; // here you can pass an encoded base 64 url image string. OPTIONAL.
const issuer = await identityClient.createIssuer(
issuerKey,
issuerInterval,
methodDID,
name,
description,
encodedBase64UrlImage
);
const schemaName = 'Bloock Employee'; // name Schema. REQUIRED.
const schemaType = 'BloockEmployee'; // we defined the Schema type, basically you could use the name but in CamelCase. REQUIRED.
const schemaVersion = '1.0'; // Schema version. REQUIRED. By default you can set "1.0".
const schemaDescription =
'BLOOCK Employee would be the new credential for BLOOCK employees'; // Schema description. REQUIRED.
const schema = await identityClient
.buildSchema(schemaName, schemaType, schemaVersion, schemaDescription)
.addIntegerAttribute(
'Number',
'number',
'indicates the employee number associated',
true
)
.addDecimalAttribute(
'Salary',
'salary',
'indicates the employee salary',
true
)
.addStringAttribute('NIF', 'nif', 'indicates the employee nif', true)
.addBooleanAttribute(
'Previous Formation',
'previous_formation',
'indicates if the employee has or not previous formation',
true
)
.addDateAttribute(
'Birth Date',
'birth_date',
'the employee birth date',
true
)
.addDateTimeAttribute(
'Time Registered',
'time_registered',
'indicates the date and time the employee was registered',
true
)
.addStringEnumAttribute(
'Country',
'country',
'to know if the employee is from one of the following',
true,
['spain', 'portugal', 'france']
)
.addIntegerEnumAttribute(
'Brother',
'brother',
'the employee number of brothers',
true,
[1, 2, 3]
)
.addDecimalEnumAttribute(
'Heigt',
'height',
'the employee aprox height',
true,
[1.5, 1.7, 1.9]
)
.build();
const holderDID =
'did:polygonid:polygon:main:2q544HUegzeRpwr3V2qu9eMwgrAmF5x4E1NCPzbQc4'; // the DID of the Holder to whom the credential will be associated. REQUIRED.
const expiration = 4089852142; // unix timestamp when the credential will expire. REQUIRED.
const credentialVersion = 0; // credential version. By default it's set to 0. REQUIRED.
const receipt = await identityClient
.buildCredential(
issuer,
schema.cid,
holderDID,
expiration,
credentialVersion
)
.withIntegerAttribute('number', 1)
.withDecimalAttribute('salary', 3000.7)
.withStringAttribute('nif', '54688188M')
.withBooleanAttribute('previous_formation', true)
.withDateAttribute('birth_date', new Date(1999, 3, 20))
.withDateTimeAttribute('time_registered', new Date(Date.now()))
.withStringAttribute('country', 'spain')
.withIntegerAttribute('brother', 1)
.withDecimalAttribute('height', 1.7)
.build();
const jsonOffer = await identityClient.getCredentialOffer(
issuer,
receipt.credentialId
);
console.log(jsonOffer); // it's the json result that we would convert to a QR code
const ok = await identityClient.revokeCredential(receipt.credential, issuer);
if (!ok) {
throw new Error('Unexpected result');
}
} catch (e) {
console.log(e);
}
import os
import datetime
import bloock
from bloock.client.identity import IdentityClient
from bloock.client.key import KeyClient
from bloock.entity.key.key import Key
from bloock.entity.identity.did_method import DidMethod
# we set the API key and create a client
bloock.api_key = os.environ["API_KEY"]
# we set de identity managed API host you have deployed
bloock.identity_api_host = os.environ["IDENTITY_MANAGED_API_HOST"]
# initialize the Key Client
key_client = KeyClient()
# initialize the IdentityClient
identity_client = IdentityClient()
# we must have our Issuer Baby JubJub key identifier. Ex: 6f36448d-49f3-4b0e-aa72-6e55863302e8
saved_issuer_key = "6f36448d-49f3-4b0e-aa72-6e55863302e8"
loaded_managed_key = key_client.load_managed_key(saved_issuer_key)
# if we don't have our Issuer entity, here you can import you Issuer from the key
imported_issuer_key = Key(loaded_managed_key)
issuer_method_did = DidMethod.PolygonID
issuer = identity_client.import_issuer(
imported_issuer_key, issuer_method_did)
# we create the credential, passing credential information
# schema identifier created before. Ex: QmadTvnNKvj2fBDgen35uAp1TfP9pSPVCNeDWw4fitqqne. REQUIRED.
schema_cid = "QmadTvnNKvj2fBDgen35uAp1TfP9pSPVCNeDWw4fitqqne"
# the DID of the Holder to whom the credential will be associated. REQUIRED.
holder_did = "did:polygonid:polygon:main:2q544HUegzeRpwr3V2qu9eMwgrAmF5x4E1NCPzbQc4"
# unix timestamp when the credential will expire. REQUIRED.
expiration = 4089852142
# credential version. By default, it's set to 0. REQUIRED.
version = 0
receipt = identity_client.build_credential(issuer, schema_cid, holder_did, expiration, version) \
.with_integer_attribute("number", 1) \
.with_decimal_attribute("salary", 3000.70) \
.with_string_attribute("nif", "54688188M") \
.with_boolean_attribute("previous_formation", True) \
.with_date_attribute("birth_date", datetime.date(1999, 3, 20)) \
.with_datetime_attribute("time_registered", datetime.datetime.now()) \
.with_string_attribute("country", "spain") \
.with_integer_attribute("brother", 1) \
.with_decimal_attribute("height", 1.70) \
.build()
# once the credential created, we need to get the credential itself
credential = receipt.credential
# with the issuer and the credential we then could call the revocation function
ok = identity_client.revoke_credential(credential, issuer)
if not ok:
raise Exception("Unexpected result")
# right now the credential it's revoked, but we need to wait our interval
# issuer state transition to be executed
import java.io.IOException;
import java.time.LocalDate;
import java.time.LocalDateTime;
import com.bloock.sdk.Bloock;
import com.bloock.sdk.client.IdentityClient;
import com.bloock.sdk.client.KeyClient;
import com.bloock.sdk.entity.identity.CredentialReceipt;
import com.bloock.sdk.entity.identity.DidMethod;
import com.bloock.sdk.entity.identity.Issuer;
import com.bloock.sdk.entity.identity.PublishIntervalParams;
import com.bloock.sdk.entity.identity.Schema;
import com.bloock.sdk.entity.key.Key;
import com.bloock.sdk.entity.key.KeyProtectionLevel;
import com.bloock.sdk.entity.key.KeyType;
import com.bloock.sdk.entity.key.ManagedKey;
import com.bloock.sdk.entity.key.ManagedKeyParams;
import java.util.*;
public class E2EManagedKey {
public static void main(String[] args) throws IOException {
try {
Bloock.apiKey = System.getenv("API_KEY");
Bloock.identityApiHost = System.getenv("IDENTITY_API_MANAGED_HOST");
KeyClient keyClient = new KeyClient();
IdentityClient identityClient = new IdentityClient();
KeyProtectionLevel keyProtectionLevel = KeyProtectionLevel.SOFTWARE;
KeyType keyType = KeyType.Bjj;
ManagedKey managedKey = keyClient
.newManagedKey(new ManagedKeyParams(keyProtectionLevel, keyType));
// we just passed the Baby JubJub key created before. REQUIRED.
Key issuerKey = new Key(managedKey);
// check Issuer intervals documentation to define the best for you model.
// REQUIRED.
PublishIntervalParams issuerInterval = PublishIntervalParams.Interval60;
// check DID methods documentation. By default we recommend the PolygonID.
// REQUIRED.
DidMethod methodDID = DidMethod.PolygonID;
// Issuer name. OPTIONAL.
String name = "BLOOCK Issuer";
// Issuer desccription. OPTIONAL.
String description = "this is the BLOOCK Issuer";
// here you can pass an encoded base 64 url image string. OPTIONAL.
String encodedBase64UrlImage = "";
Issuer issuer = identityClient.createIssuer(
issuerKey,
issuerInterval,
methodDID,
name,
description,
encodedBase64UrlImage);
// name Schema. REQUIRED.
String schemaName = "Bloock Employee";
// we defined the Schema type, basically you could use the name but in
// CamelCase. REQUIRED.
String schemaType = "BloockEmployee";
// Schema version. REQUIRED. By default you can set "1.0".
String schemaVersion = "1.0";
// Schema description. REQUIRED.
String schemaDescription = "BLOOCK Employee would be the new credential for BLOOCK employees";
List<String> stringList = new ArrayList<>();
stringList.add("spain");
stringList.add("portugal");
stringList.add("france");
List<Long> integerList = new ArrayList<>();
integerList.add(1L);
integerList.add(2L);
integerList.add(30L);
List<Double> doubleList = new ArrayList<>();
doubleList.add(1.50);
doubleList.add(1.70);
doubleList.add(1.90);
Schema schema = identityClient
.buildSchema(
schemaName, schemaType, schemaVersion, schemaDescription)
.addIntegerAttribute("Number", "number",
"indicates the employee number associated", true)
.addDecimalAttribute("Salary", "salary", "indicates the employee salary", true)
.addStringAttribute("NIF", "nif", "indicates the employee nif", true)
.addBooleanAttribute("Previous Formation", "previous_formation",
"indicates if the employee has or not previous formation", true)
.addDateAttribute("Birth Date", "birth_date", "the employee birth date", true)
.addDatetimeAttribute("Time Registered", "time_registered",
"indicates the date and time the employee was registered", true)
.addStringEnumAttribute("Country", "country",
"to know if the employee is from one of the following", true,
stringList)
.addIntegerEnumAttribute("Brother", "brother",
"the employee number of brothers", true, integerList)
.addDecimalEnumAttribute("Heigt", "height", "the employee aprox height", true,
doubleList)
.build();
// the DID of the Holder to whom the credential will be associated. REQUIRED.
String holderDID = "did:polygonid:polygon:main:2q544HUegzeRpwr3V2qu9eMwgrAmF5x4E1NCPzbQc";
// unix timestamp when the credential will expire. REQUIRED.
Long expiration = 4089852142L;
// credential version. By default it's set to 0. REQUIRED.
int credentialVersion = 0;
CredentialReceipt receipt = identityClient
.buildCredential(issuer, schema.getCid(), holderDID, expiration,
credentialVersion)
.withIntegerAttribute("number", 1L)
.withDecimalAttribute("salary", 3000.70)
.withStringAttribute("nif", "54688188M")
.withBooleanAttribute("previous_formation", true)
.withDateAttribute("birth_date", LocalDate.of(1999, 3, 20))
.withDatetimeAttribute("time_registered", LocalDateTime.now())
.withStringAttribute("country", "spain")
.withIntegerAttribute("brother", 1L)
.withDecimalAttribute("height", 1.70)
.build();
String jsonOffer = identityClient.getCredentialOffer(issuer, receipt.getCredentialId());
System.out.println(jsonOffer); // it's the json result that we would convert to a QR code
boolean ok = identityClient.revokeCredential(receipt.getCredential(), issuer);
if (!ok) {
throw new Exception("Unexpected result");
}
} catch (Exception e) {
System.out.println(e);
}
}
}
<?php
use Bloock\Bloock;
use Bloock\Client\KeyClient;
use Bloock\Client\IdentityClient;
use Bloock\Entity\Key\KeyProtectionLevel;
use Bloock\Entity\Key\KeyType;
use Bloock\Entity\Key\ManagedKeyParams;
use Bloock\Entity\Identity\PublishIntervalParams;
use Bloock\Entity\Key\Key;
use Bloock\Entity\Identity\DidMethod;
require 'vendor/autoload.php';
try {
Bloock::$apiKey = getenv("API_KEY") ?: "";
Bloock::$identityApiHost = getenv("IDENTITY_MANAGED_API_HOST") ?: "";
$keyClient = new KeyClient();
$identityClient = new IdentityClient();
$keyProtection = KeyProtectionLevel::SOFTWARE;
$keyType = KeyType::Bjj;
$params = new ManagedKeyParams($keyProtection, $keyType);
$managedKey = $keyClient->newManagedKey($params);
$issuerKey = new Key($managedKey); // we just passed the Baby JubJub key created before. REQUIRED.
$issuerInterval = PublishIntervalParams::Interval60; // check Issuer intervals documentation to define the best for you model. REQUIRED.
$methodDID = DidMethod::PolygonID; // check DID methods documentation. By default we recommend the PolygonID. REQUIRED.
$name = "BLOOCK Issuer"; // Issuer name. OPTIONAL.
$description = "this is the BLOOCK Issuer"; // Issuer desccription. OPTIONAL.
$encodedBase64UrlImage = ""; // here you can pass an encoded base 64 url image string. OPTIONAL.
$issuer = $identityClient->createIssuer($issuerKey, $issuerInterval, $methodDID, $name, $description);
// name Schema. REQUIRED
$schemaName = "Bloock Employee";
// we defined the Schema type, basically you could use the name but in CamelCase. REQUIRED.
$schemaType = "BloockEmployee";
// Schema version. REQUIRED. By default you can set "1.0".
$schemaVersion = "1.0";
// Schema description. REQUIRED
$schemaDescription = "BLOOCK Employee would be the new credential for BLOOCK employees";
$schema = $identityClient->buildSchema($schemaName, $schemaType, $schemaVersion, $schemaDescription)
->addIntegerAttribute("Number", "number", "indicates the employee number associated", true)
->addDecimalAttribute("Salary", "salary", "indicates the employee salary", true)
->addStringAttribute("NIF", "nif", "indicates the employee nif", true)
->addBooleanAttribute("Previous Formation", "previous_formation", "indicates if the employee has or not previous formation", true)
->addDateAttribute("Birth Date", "birth_date", "the employee birth date", true)
->addDateTimeAttribute("Time Registered", "time_registered", "indicates the date and time the employee was registered", true)
->addStringEnumAttribute("Country", "country", "to know if the employee is from one of the following", true, ["spain", "portugal", "france"])
->addIntegerEnumAttribute("Brother", "brother", "the employee number of brothers", true, [1, 2, 3])
->addDecimalEnumAttribute("Heigt", "height", "the employee aprox height", true, [1.50, 1.70, 1.90])
->build();
$holderDID = "did:polygonid:polygon:main:2q544HUegzeRpwr3V2qu9eMwgrAmF5x4E1NCPzbQc4"; // the DID of the Holder to whom the credential will be associated. REQUIRED.
$expiration = 4089852142; // unix timestamp when the credential will expire. REQUIRED.
$credentialVersion = 0; // credential version. By default it's set to 0. REQUIRED.
$receipt = $identityClient->buildCredential($issuer, $schema->getCid(), $holderDID, $expiration, $credentialVersion)
->withIntegerAttribute("number", 1)
->withDecimalAttribute("salary", 3000.70)
->withStringAttribute("nif", "54688188M")
->withBooleanAttribute("previous_formation", true)
->withDateAttribute("birth_date", new DateTime("1999-03-20"))
->withDatetimeAttribute("time_registered", new DateTime)
->withStringAttribute("country", "spain")
->withIntegerAttribute("brother", 1)
->withDecimalAttribute("height", 1.70)
->build();
$jsonOffer = $identityClient->getCredentialOffer($issuer, $receipt->getCredentialId());
$jsonOffering = $jsonOffer;
$ok = $identityClient->revokeCredential($receipt->getCredential(), $issuer);
if (!$ok) {
throw new Exception("Unexpected result", 1);
}
} catch (Exception $e) {
echo "Error: $e\n";
}
package main
import (
"log"
"os"
"time"
"github.com/bloock/bloock-sdk-go/v2"
"github.com/bloock/bloock-sdk-go/v2/client"
"github.com/bloock/bloock-sdk-go/v2/entity/identity"
"github.com/bloock/bloock-sdk-go/v2/entity/key"
)
func main() {
bloock.ApiKey = os.Getenv("API_KEY")
bloock.IdentityApiHost = os.Getenv("IDENTITY_API_HOST")
keyClient := client.NewKeyClient()
identityClient := client.NewIdentityClient()
managedKey, err := keyClient.NewManagedKey(key.ManagedKeyParams{
KeyType: key.Bjj,
})
if err != nil {
log.Fatalln(err)
}
issuerKey := key.Key{ManagedKey: &managedKey} // we just passed the Baby JubJub key created before. REQUIRED.
issuerInterval := identity.Interval60 // check Issuer intervals documentation to define the best for you model. REQUIRED.
methodDID := identity.PolygonID // check DID methods documentation. By default we recommend the PolygonID. REQUIRED.
name := "BLOOCK Issuer" // Issuer name. OPTIONAL.
description := "this is the BLOOCK Issuer" // Issuer description. OPTIONAL.
encodedBase64UrlImage := "" // here you can pass an encoded base 64 url image string. OPTIONAL.
issuer, err := identityClient.CreateIssuer(issuerKey, issuerInterval, methodDID, name, description, encodedBase64UrlImage)
if err != nil {
log.Fatalln(err)
}
schemaName := "Bloock Employee" // name schema. REQUIRED
schemaType := "BloockEmployee" // we defined the schema type, basically you could use the name but in CamelCase. REQUIRED.
schemaVersion := "1.0" // schema version. REQUIRED. By default you can set "1.0".
schemaDescription := "BLOOCK Employee would be the new credential for BLOOCK employees" // schema description. REQUIRED
schema, err := identityClient.BuildSchema(schemaName, schemaType, schemaVersion, schemaDescription).
AddIntegerAttribute("Number", "number", "indicates the employee number associated", true).
AddDecimalAttribute("Salary", "salary", "indicates the employee salary", true).
AddStringAttribute("NIF", "nif", "indicates the employee nif", true).
AddBooleanAttribute("Previous Formation", "previous_formation", "indicates if the employee has or not previous formation", true).
AddDateAttribute("Birth Date", "birth_date", "the employee birth date", true).
AddDatetimeAttribute("Time Registered", "time_registered", "indicates the date and time the employee was registered", true).
AddStringEnumAttribute("Country", "country", "to know if the employee is from one of the following", true, []string{"spain", "portugal", "france"}).
AddIntegerEnumAttribute("Brother", "brother", "the employee number of brothers", true, []int64{1, 2, 3}).
AddDecimalEnumAttribute("Heigt", "height", "the employee aprox height", true, []float64{1.50, 1.70, 1.90}).
Build()
if err != nil {
log.Fatalln(err)
}
holderDID := "did:polygonid:polygon:main:2q544HUegzeRpwr3V2qu9eMwgrAmF5x4E1NCPzbQc4" // the DID of the Holder to whom the credential will be associated. REQUIRED.
expiration := int64(4089852142) // unix timestamp when the credential will expire. REQUIRED.
credentialVersion := int32(0) // credential version. By default it's set to 0. REQUIRED.
receipt, err := identityClient.BuildCredential(issuer, schema.Cid, holderDID, expiration, credentialVersion).
WithIntegerAttribute("number", 1).
WithDecimalAttribute("salary", 3000.70).
WithStringAttribute("nif", "54688188M").
WithBooleanAttribute("previous_formation", true).
WithDateAttribute("birth_date", time.Date(1999, time.March, 20, 0, 0, 0, 0, time.UTC)).
WithDatetimeAttribute("time_registered", time.Now()).
WithStringAttribute("country", "spain").
WithIntegerAttribute("brother", 1).
WithDecimalAttribute("height", 1.70).
Build()
if err != nil {
log.Fatalln(err)
}
jsonOffer, err := identityClient.GetCredentialOffer(issuer, receipt.CredentialId)
if err != nil {
log.Fatalln(err)
}
log.Println(jsonOffer)
ok, err := identityClient.RevokeCredential(receipt.Credential, issuer)
if err != nil {
log.Fatalln(err)
}
if !ok {
log.Fatalln("unexpected result")
}
}